I'm getting bounces out of the system when an infected message arrives. The message is being sent to admin@first.domain notifying the administrator that the message wasn't delivered, but *that* administrative notification bounces with "Undelivered Mail Returned to Sender". The admin address in question is an alias on root@first.domain, which is forwarded to our primary root address. There's no particular error given, just that it couldn't be delivered:

It *looks* like what's happening is that the message to the recipient is including the full original message, including the virus, and thus getting blocked, causing the sender of the quarantine notice (i.e. admin) to get the bounce. I don't see how recipient notices can ever work that way:

By "first.domain", I mean the first test domain I configured when I was setting up zimbra; it's *not* the default domain, nor is it admin@the-recipients-domain, either of which would make more sense...

A related issue is that the wiki says (Zimbra MTA - Zimbra :: Wiki) that admin notification is set by default, but it doesn't say how to change that, which I would expect to be right next to the recipient notification button in the global settings/as/av section. I would also recommend that the recipient notifications be a user configurable option, as I could see different users having different preferences...